(54) Preserving the data type of an encrypted data element



(57) A method and a system for data type preserving encryption of a data element in a relational database, wherein each data element comprises a string of at least one character. The method comprises the steps of: reading the type of a data element which is to be encrypted; and interpreting said data type in order to form a restricting character set for each character of said data element. Then each character of said data element is encrypted into an encrypted character by said encryption means, using said restricting character set to control said encryption means to only create encrypted characters included in said restricting character set.
Description

Field of Invention 

[0001] The present invention generally relates to the 
field of data encryption and specifically to a method and 
a system for data type preserving encryption of a data 
element in a relational database. 

Background of the invention 

[0002] It is common to use client-server solutions for commercial applications, whereby applications and data storage are separated. The development of applications and of products for data storage and retrieval can therefore also be, and generally is, separated. One way of storing data is to use a database as a structured and unified means of storage and retrieval. A standardized communication interface, such as SQL, is then usually used for data retrieval and storage in the databases, in order to let application developers develop applications independently of the database software. In the software market of today, the development of database and application software is generally performed by different vendors.

[0003] The database vendors provide a framework and tools for storing and retrieving data, but it is up to the application developer to define the logical structure and design of the database. This is done through said communication interface. Design comprises issues like implementing the data model in tables in the database. The tables utilize rows for representing data records and columns for different properties of a data record. Thus, a data element represents a property of a specific data record, i.e. a combination of a row and a column of a table. The restrictions and constraints of a data element in a database are defined by its type. The data type could for instance restrict which characters, and what length of data element, can be stored in the database. The restrictions defined by the data types vary among the databases provided by different vendors.
[0004] In order to provide protection for data in databases, it is preferred to use a so-called granular security solution for the encryption of databases, instead of building walls around servers or hard drives. In such a solution, which is described in the document WO 97/49211 by the same applicant, a protective layer of encryption is provided around specific sensitive data items or objects. This prevents outside attacks as well as infiltration from within the server itself. It also allows the administrator of the security solution to define which data stored in databases are sensitive and thereby to focus the protection only on the sensitive data, which in turn minimizes the delays or burdens on the system that may occur with other, bulk encryption methods. Most preferably the encryption is made on as basic a level as the data element level of the databases. Such security solutions are often provided between the database and the application, intercepting the interface in between. Thus, they are transparent to the application.

[0005] However, when implementing security solutions for protecting individual data elements, such as the above described, the database design has to be adapted in order to accommodate the particular needs of a security solution. Any manipulation of the database design and structure will result in a cumbersome installation process and also increased maintenance costs. For example, if the structure of a database table has to be changed in order to accommodate an encrypted data element, this would require a costly conversion of the database table, especially if the table is populated with data. Such a change could be to introduce a new column or to change the properties of an existing column. Then, the interface between the application and the database has to be adapted in order to have the changed table appear in its original form to the application, so as not to violate any rules set up by the application. If, on the other hand, the application requires a certain structure of the database and utilizes the restrictions implemented in the data type of the data element, problems are also likely to occur since for instance integrity checks will not be performed as expected by the application. Such checks will then have to be implemented in the security solution. If the database vendor subsequently changes their specifications of the data types or introduces new ones, which are also adopted by the application vendor, the security solution will also have to be amended.

Object of the invention 

[0006] It is therefore an object of the present invention to provide an improved method and system for encryption of data elements in a relational database which reduces the need for changes of the database design, overcoming the above mentioned problems.
[0007] The object is achieved by a method and a system according to the appended claims.

Summary of the invention 

[0008] According to the invention a method for data type preserving encryption of a data element in a relational database, wherein said database comprises a plurality of data elements of at least one type, and each data element comprises a string of at least one character, comprises the steps of: reading the type of a data element which is to be encrypted; interpreting said data type in order to form a restricting character set for each character of said data element; encrypting each character of said data element into an encrypted character using said restricted character set to control the encryption process to only create encrypted characters included in said restricted character set.
[0009] Hereby, a method is provided which reduces the need for changes to the database design by preserving the data type in the encrypted data element. The preservation means that the ciphertext is as valid as the plaintext it replaces. Using this method for encryption of individual data elements will therefore not require a change of the data type of the data element which is to be encrypted. Since the data can be stored in the same column, the storage requirements do not increase when the security solution is implemented. And since the original column can be used, no changes to the database design have to be performed. Also, the risk of violating vendors' maintenance agreements is reduced.
[0010] Thus, a security solution is provided which is both application transparent and database table transparent. This results in easier installation of the security solution and simplified maintenance of both the security solution and the database.

[0011] The advantages above are accomplished by taking the restrictions as defined by the data types, which data types are defined in the database and set up by either the database vendor or the application vendor or both, and using them in the encryption process. Preferably, the encryption means then interprets these data types and uses them to control the encryption process. The interpretation process could for example comprise activities like analyzing the definitions of data types and which components they are constructed of. This analysis could then be stored and retrieved when the interpretation process is invoked. In one embodiment this is done in advance for each data type and in another embodiment this is done when the actual encryption is to take place. The encryption is then performed to provide a ciphertext field which follows the restrictions and constraints of the data type. Preferably, the encryption means is controlled to provide encryption that results in a data element having the same number of characters as the unencrypted data element.

[0012] In an embodiment the method comprises the further step of arranging one or more character sets in a pattern for a data type. Hereby, the work needed for interpreting a data type and forming restricting character sets is reduced to reading a pattern corresponding to the data type. For example, a data type restricting the data of the data element to integers would result in a pattern of consecutive character sets containing the numerals 0-9. Thus, such a pattern would facilitate the interpreting process in the previously mentioned step.
[0013] In a preferred embodiment of the present invention, the method comprises the further steps of converting each character to an index value and adding a varying value to each index value before encryption. Hereby, a method is provided which reduces the risk of encrypting adjacent characters the same way when similar characters occur in sequence. Preferably, the varying integer value is obtained by the steps of: creating an initial value by hashing the encryption key; adding adjacent index values pairwise from the left to the right using said initial value when adding the leftmost character.
[0014] Also according to the invention a system for data type preserving encryption of a data element in a relational database comprises: a database, wherein said database comprises a plurality of data elements of at least one type, and each data element comprises a string of at least one character; reading means for reading the type of a data element which is to be encrypted; interpretation means for interpreting said data type in order to form a restricting character set for each character of said data element; and encryption means for encrypting each character of said data element into an encrypted character using said restricted character set to control said encryption means to only create encrypted characters included in said restricting character set.

[0015] The advantages of the system according to the invention correspond to those of the inventive method.

Brief description of the drawings 

[0016] For exemplifying purposes, the invention will be described with reference to embodiments thereof illustrated in the attached drawings, wherein:

Fig. 1 is a schematic view of an applicable environ- 
ment for the method according to the invention; and 
Fig. 2 is a flow-chart illustrating a method according 
to an embodiment of the invention. 

Description of preferred embodiments 

[0017] The inventive method is a method for data type preserving encryption of a data element in a relational database. The method provides a new way of using security solutions on databases, since the need for redesigning the database is significantly reduced. The method will now be described in an example of an applicable environment illustrated in fig. 1. The environment comprises an application 10, encryption means 20 and a database 30. The database comprises a plurality of data elements 31, each associated with a data type 32. The data type defines at least the valid characters of the data element. Common data types used in commercial databases are for instance INTEGER, FLOAT, CHAR, BOOLEAN, and DATE. These correspond to integers, floating point numbers, all alphanumerical characters including non-alphabetical letters, a true or false value, and dates, respectively. In most cases these are specified with an appropriate length for each data element. In some instances the length is naturally defined by the data type, such as for the DATE format.
[0018] The application 10 is connected to the database 30 in order to store at least some of its data, for example personnel records. The data element which is subject to encryption is then encrypted in the encryption means 20. Utilizing encryption means below the application makes the encryption application transparent. Thus, the encryption means is provided for intercepting data storage and retrieval requests from the application. Preferably, the rules defining which data elements are to be encrypted are set up in the encryption means, leaving the database and the application unaffected. With the inventive method the security solution will also be database table transparent, since the database design will be unaffected when introducing encryption for a data element.

[0019] The invention will now be illustrated by how a 
data element is encrypted with the inventive method. 
Referring to fig. 2, a method for data type preserving 
encryption of a data element in a relational database ac- 
cording to a preferred embodiment of the invention is 
now to be described. 

[0020] The method comprises a first step S1, wherein an index value is provided for each character. This could preferably be done in advance for all available characters, i.e. all letters, numbers, special characters, control characters, etc., that are used in the database. Preferably this is done by taking the ASCII value of each character. However, this could also be done at the time of encryption of each character of the data element which is to be encrypted in the encryption means. For instance "A" could be represented by "1", "B" by "2", etc.
[0021] Then, when a data element is to be written to the database by the application 10, the encryption means has to know the data type of the data element where the data is to be stored. The data type is read in the step S2.

[0022] In order to use encryption algorithms like DES (Data Encryption Standard), the characters have to be converted to numerals. In a step S3, the characters are converted to corresponding index values as defined in the step S1.

[0023] In order to ensure that the encrypted values of two single character strings with adjacent characters will not be sequential, the index values could preferably themselves be shuffled based on a portion of the encryption key. For instance, it is not desired that the encrypted value of "b" always immediately follows the encrypted value of "a". Then in a step S4, the data is "rippled" from the left to the right and preferably again from the right to the left. This could be done by hashing the encryption key into an initial value and adding adjacent values pairwise. Then, as preferred, the same procedure is applied to the permutation of the individual characters. Now the fact that two strings contain the same characters is disguised.
[0024] Then, in a step S5 the index values, and preferably the shuffled index values, are encrypted by the encryption means. Preferably the DES algorithm is used to protect sensitive data to produce the encrypted index values. In this embodiment this is performed in the following steps:

1. The DES algorithm takes as input a 64-bit input block and a 64-bit key (56 key bits and 8 parity bits) and uses these two values to produce a 64-bit output. The ciphertext output can be decrypted using the same key.

2. DES can be operated as a stream cipher in "cipher-feedback" mode. This mode is used to encrypt one index value at a time.

3. At the end of each encryption pass, the plaintext data is also shifted into the DES input register by the steps of:

a. representing the alphabet index values of the n-character plaintext input string with:

i1 i2 i3 i4 ... i8

b. constructing the 64-bit DES initial value required by cipher-feedback mode based on a portion of the encryption key:

a1 a2 a3 a4 ... a8

wherein each value represents an 8-bit number (0-255).

c. letting the output of the DES algorithm be:

b1 b2 b3 b4 ... b8

d. the first transformed index value is the modular sum:

z1 = b8 + i1 (mod I),

where I is the size of the restricting character set.

e. constructing a new DES input value as:

b2 b3 b4 ... b8 i1

f. obtaining a new DES output:

c1 c2 c3 c4 ... c8

g. producing the second transformed index value with the modular sum:

z2 = c8 + i2 (mod I).

[0025] After n such steps, during each of which a single input index value is transformed, we have an encrypted index-value string:

z1 z2 z3 ... zn

In cipher-feedback mode, DES decryption is never invoked. Reversing the transformation is done by subtracting the low-order DES output from the transformed index value.

[0026] Here every character in the restricting character set is given a sequential ordinal, and the highest number represents the size, I, of the restricting character set. In this embodiment each individual character of the data element is assigned a specific character set. This could be useful for data types which are composites of letters and numerals organized with for example some letters followed by some numerals. It could also be used for databases which use some semantic restrictions on for example the date format. Here the character set could be a subset of the numerals 0-9. However, it should also be possible to use the same character set for all characters of a data element, for example with data elements where all characters have the same restrictions, such as all alphanumerical.
[0027] The interpretation of the data type in order to create restricting character sets could be done in advance for all current data types of the database. This will result in increased performance. These could then be organized in patterns for each data type. For example, for the data type INTEGER with a length of 8 bytes, the pattern of character sets could be eight consecutive character sets containing the numerals 0-9.
[0028] Then, in a step S6, the encrypted index values are converted back to characters.
[0029] We now have an encrypted data element which fulfills all the requirements according to the type of the data element where it is to be stored.
[0030] The invention has been described above in terms of a preferred embodiment. However, the scope of this invention should not be limited by this embodiment, and alternative embodiments of the invention are feasible, as should be appreciated by a person skilled in the art. For example, the application, the encryption means and the database have herein been described as separate units. It is apparent to a person skilled in the art that these units could be comprised within one or a combination of units. Also, in another embodiment, instead of the restricting character set used for controlling the encryption means, a set of corresponding index values could be used.

[0031] Such embodiments should be considered to 
be within the scope of the invention, as it is defined by 
the appended claims. 

Claims 

1. A method for data type preserving encryption of a data element in a relational database, wherein said database comprises a plurality of data elements of at least one type, and each data element comprises a string of at least one character, comprising the steps of:

reading the type of a data element which is to be encrypted;

interpreting said data type in order to form a restricting character set for each character of said data element;

encrypting each character of said data element into an encrypted character using said restricted character set to control the encryption process to only create encrypted characters included in said restricted character set.

2. A method according to claim 1, comprising the further step of:

arranging one or more character sets in a pattern for a data type.

3. A method according to claim 1 or 2, where the encryption results in a data element having the same number of characters as the unencrypted data element.

4. A method according to any of the preceding claims, comprising the further steps of:

converting each character to an index value; and

adding a varying value to each index value before encryption.

5. A method according to claim 4, wherein the varying integer value is obtained by the steps of:

creating an initial value by hashing the encryption key;

adding adjacent index values pairwise from the left to the right using said initial value when adding the leftmost character.

6. A method according to any of the preceding claims, wherein the encryption is performed using the DES algorithm in stream cipher mode.

7. A system for data type preserving encryption of a data element in a relational database, which database comprises a plurality of data elements of at least one type, and each data element comprises a string of at least one character, comprising:

reading means for reading the type of a data element which is to be encrypted;

interpretation means for interpreting said data type in order to form a restricting character set for each character of said data element;

encryption means for encrypting each character of said data element into an encrypted character using said restricted character set to control said encryption means to only create encrypted characters included in said restricting character set.